I alluded to this post yesterday on Twitter, and after committing the code early this morning to the upstream repo on GitHub, here it is!
Similar to how the configuration of the user roles in NSX Manager were initially being done using the Ansible URI module, the configuration of the remote syslog server as utilizing the same method. The code originally looked like this:
43 - name: Set syslog configuration on NSX Manager 44 uri: 45 url: "https://{{nsxmanager_spec.host}}/api/1.0/appliance-management/system/syslogservers" 46 method: PUT 47 url_username: "{{ nsxmanager_spec.user }}" 48 url_password: "{{ nsxmanager_spec.password }}" 49 headers: 50 Content-Type: "application/json" 51 Accept: "application/json" 52 body: 53 syslogServersList: '[{"syslogServer": "{{ syslog_server }}", "port": "514", "protocol": "UDP"}]' 54 body_format: json 55 force_basic_auth: yes 56 validate_certs: no 57 use_proxy: no 58 return_content: yes 59 tags: nsx_syslog_enable 60 delegate_to: localhost
This worked and the configuration was updated accordingly. However, I wanted to expand the NSX Ansible module to include this functionality natively. Fortunately, the definition exists within the NSX RAML file and writing a small amount of Python code was a very easy lift.
5961 /system/syslogserver: 5962 displayName: systemSyslogServer 5963 description: | 5964 Working With Syslog Server 5965 ----- 5966 get: 5967 displayName: systemSyslogServerRead 5968 description: Retrieves only the first syslog server among the servers configured. 5969 responses: 5970 200: 5971 body: 5972 application/xml: 5973 example: | 5974 <syslogserver> 5975 <syslogServer>192.168.110.20</syslogServer> 5976 <port>514</port> 5977 <protocol>UDP</protocol> 5978 </syslogserver> 5979 put: 5980 displayName: systemSyslogServerUpdate 5981 description: Configures one syslog server. If there are syslog server(s) already configured, this API replaces the first one in the list. 5982 body: 5983 application/xml: 5984 example: | 5985 <syslogserver> 5986 <syslogServer>name-2</syslogServer> 5987 <port>port-2</port> 5988 <protocol>protocol-2</protocol> 5989 </syslogserver> 5990 schema: systemSyslogServerUpdate 5991 delete: 5992 displayName: systemSyslogServerDelete 5993 description: Deletes all the syslog servers.
The module is now available in the master
branch on GitHub.
The module will work with NSX-v versions 6.4 and lower. To leverage the module within an Ansible playbook or role, the following code example can be used:
1 --- 2 - hosts: all 3 connection: local 4 gather_facts: False 5 6 tasks: 7 - name: Configure NSX Manager syslog 8 nsx_manager_syslog: 9 nsxmanager_spec: "{{ nsxmanager_spec }}" 10 state: present 11 syslog_server: "{{ syslog_server }}" 12 syslog_port: "{{ syslog_port }}" 13 syslog_protocol: "{{ syslog_protocol }}" 14 register: nsxv_syslog
It important to note that in NSX-v 6.4, an additional syslog API call was added that supports setting multiple syslog servers within the NSX Manager. The module above, supports the API call that only modifies a single syslog server. I will likely be adding support for the additional API call in the near future, in the meantime this module can be leveraged to configure syslog on your NSX Managers.
Enjoy!